Security Considerations on Linux Package Management
Hello! I am Tharindu Edirisinghe
You can find me at ….
tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri [email protected]
Source : http://www.slideshare.net/tshrinivasan/foss-history-1300788
Source : http://www.aboutlinux.info/2006/04/mind-map-of-linux-distributions.html
Linux family tree
Ubuntu packages and software repositories
PPA - Personal Package Archive
A Personal Package Archive (PPA) is a special software repository for uploading source packages to be built and published as an APT repository by Launchpad. While the term is used exclusively within Ubuntu, Launchpad host Canonical envisions adoption beyond the Ubuntu community.
Source : http://askubuntu.com/questions/4983/what-are-ppas-and-how-do-i-use-them
https://en.wikipedia.org/wiki/Personal_Package_Archive
Installing Ubuntu packages from the official repo
sudo apt-get install <package name>
Installing a package from a PPA
You can add a PPA to your system with a single line in your terminal. Open a terminal and enter:
sudo add-apt-repository ppa:shutter/ppa
Now, as a one-off, you should tell your system to pull down the latest list of software from each archive it knows about, including the PPA you just added:
sudo apt-get update
Install Shutter
sudo apt-get install shutter
Installing a Debian package directly
sudo dpkg -i <package file>
APT (Advanced Packaging Tool)
The Advanced Package Tool, or APT, is a free software user interface that works with core libraries to handle the installation and removal of software on the Debian, Slackware and other Linux distributions. APT simplifies the process of managing software on Unix-like computer systems by automating the retrieval, configuration and installation of software packages, either from precompiled files or by compiling source code.
APT was originally designed as a front-end for dpkg to work with Debian's .deb packages, but it has since been modified to also work with the RPM Package Manager system via APT-RPM. The Fink project has ported APT to Mac OS X for some of its own package management tasks, and APT is also available in OpenSolaris.
Source : https://en.wikipedia.org/wiki/Advanced_Packaging_Tool
Dpkg
dpkg is the software at the base of the package management system in the free operating system Debian and its numerous derivatives. dpkg is used to install, remove, and provide information about .deb packages.
Source : https://en.wikipedia.org/wiki/Dpkg
Debian package structure
package_name
├── DEBIAN
│   ├── control (meta data of the package)
│   ├── preinst (execute before installing the package)
│   ├── postinst (execute after installing the package)
│   ├── prerm (execute before un-installing the package)
│   └── postrm (execute after un-installing the package)
└── /……. (folders and files following the linux file structure)
Source : https://www.hivelocity.net/kb/what-are-preinst-postinst-prerm-and-postrm-script-2/
demo
Creating a Debian package
mkdir -p helloworld_1.0-1/usr/local/bin
cp ~/Projects/"Hello World"/helloworld helloworld_1.0-1/usr/local/bin/
mkdir helloworld_1.0-1/DEBIAN
vi helloworld_1.0-1/DEBIAN/control
dpkg-deb --build helloworld_1.0-1
Source : https://ubuntuforums.org/showthread.php?t=910717
Package: helloworld
Version: 1.0-1
Section: base
Priority: optional
Architecture: i386
Depends: libsomethingorrather (>= 1.2.13), xyz (>= 1.2.6)
Maintainer: Tharindu Edirisinghe <[email protected]>
Description: Hello World
 When you need some sunshine, just run this small program!
Useful commands
Install a Debian (.deb) package
× sudo dpkg -i <package file>
List installed packages
× dpkg -l <package name with/out wildcards>
Un-install a Debian (.deb) package's binaries
× sudo dpkg --remove <package name>
Un-install a Debian (.deb) package's binaries and configuration files
× sudo dpkg --purge <package name>
Debian packages example
References
Linux Package Management
https://www.linode.com/docs/tools-reference/linux-package-management
Package Management Security
https://isis.poly.edu/~jcappos/papers/cappos_pmsec_tr08-02.pdf
Debian Packaging Tutorial
https://www.debian.org/doc/manuals/packaging-tutorial/packaging-tutorial.en.pdf
THANKS!
Any questions?
You can find me at ….
tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri [email protected]